﻿<?php
include("inc/global.inc");
$url=$_SERVER['HTTP_REFERER'];
if($_POST[c_code]){
   if($_POST[c_code]==$_SESSION[chkCode]){
   if($_POST[logUserName]){
       $rs=mysql_query("select id,m_psw,m_user,m_jifen2,m_logintime from member where m_user='$_POST[logUserName]' limit 1");
       $row=mysql_fetch_array($rs);
            if($row[id]){
            if($row[m_psw]==substr(md5($_POST[logPassword]),7,19)){
			    if(date("Y-m-d",strtotime($row[m_logintime]))!=date("Y-m-d")){
					$m_jifen2=$row[m_jifen2]+1;
				}else{
					$m_jifen2=$row[m_jifen2];
				}
			
                mysql_query("update member set m_logintime='".date("Y-m-d H:i:s")."',m_jifen2='$m_jifen2' where id='$row[id]'");
                setcookie("user_id",$row[id]);
                setcookie("user_name",$row[m_user]);
                
                echo "<script>location='$url';</script>";
            }else{
                
                echo "<script>alert('密码错误');location='$url';</script>";
            }
            }else{
                
                echo "<script>alert('用户名错误');location='$url';</script>";
            }
   }
   }else{
     echo "<script>alert('验证码错误');location='$url';</script>";
   }
}
?>
